{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bddf8ef8-9582-50b6-a205-820e66b06399", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-ldap@2.7.18-tuxcare.10", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-data-ldap", "version": "2.7.18-tuxcare.10", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-data-ldap@2.7.18-tuxcare.10" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0447e3f7-7359-5501-855f-482cebc1e96e", "id": "CVE-2023-38286", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-38286 is fixed in version 2.7.18-tuxcare.10 of org.springframework.boot:spring-boot-starter-data-ldap." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-ldap@2.7.18-tuxcare.10" } ] }, { "bom-ref": "urn:uuid:c69374c5-e205-537c-9fb9-6bdce74450fc", "id": "CVE-2024-38807", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38807 is fixed in version 2.7.18-tuxcare.10 of org.springframework.boot:spring-boot-starter-data-ldap." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-ldap@2.7.18-tuxcare.10" } ] }, { "bom-ref": "urn:uuid:d21f3af7-c81b-5cc6-993e-63ef85f90796", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.18-tuxcare.10 of org.springframework.boot:spring-boot-starter-data-ldap." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-ldap@2.7.18-tuxcare.10" } ] }, { "bom-ref": "urn:uuid:d4ba29de-2150-56e6-900d-f710955db94c", "id": "CVE-2026-22733", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22733 affects version 2.7.18-tuxcare.10 of org.springframework.boot:spring-boot-starter-data-ldap." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-ldap@2.7.18-tuxcare.10" } ] }, { "bom-ref": "urn:uuid:2e612f8e-53c8-5118-a459-64d9ca26272c", "id": "CVE-2026-40972", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40972 affects version 2.7.18-tuxcare.10 of org.springframework.boot:spring-boot-starter-data-ldap." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-ldap@2.7.18-tuxcare.10" } ] }, { "bom-ref": "urn:uuid:34e86f4f-fb15-5f2b-96dd-3a4284b36d9b", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.18-tuxcare.10 of org.springframework.boot:spring-boot-starter-data-ldap." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-ldap@2.7.18-tuxcare.10" } ] }, { "bom-ref": "urn:uuid:b574656b-d729-5694-ace2-e6817f9f23b6", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.18-tuxcare.10 of org.springframework.boot:spring-boot-starter-data-ldap." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-ldap@2.7.18-tuxcare.10" } ] }, { "bom-ref": "urn:uuid:6c14ee27-b310-506f-b6d7-d2a6bf55776c", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.18-tuxcare.10 of org.springframework.boot:spring-boot-starter-data-ldap." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-ldap@2.7.18-tuxcare.10" } ] }, { "bom-ref": "urn:uuid:c20d4753-a37c-5d35-b5b4-b6812b84ab9a", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.18-tuxcare.10 of org.springframework.boot:spring-boot-starter-data-ldap." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-ldap@2.7.18-tuxcare.10" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-data-ldap@2.7.18-tuxcare.10" } ] }